const cors=(request,response,next)=>{
   response.header("Access-Control-Allow-Origin","*");
   //告诉浏览器服务器端支持的请求头信息
   response.header("Access-Control-Allow-Headers","Authorization,X-API-KEY,Origin,X-Requested-With,Content-Type,Accept,Access-Control-Request-Method");
   //告诉浏览器服务器端支持的请求方法
   response.header('Access-Control-Allow-Methods','GET,POST,OPTIONS,PATCH,PUT,DELETE');
   response.header('Allow','GET,POST,PATCH,OPTIONS,PUT,DELETE');
   //如果http请求的方法是options ，那么不用返回数据只是告诉浏览器服务器可用
   if(request.method=="OPTIONS" || request.method=="options"){
       response.status(200).send();
   }else{
       next();
   }
}
module.exports=cors